Re: [webauthn] Should an RP be able to provide finer grained authenticator filtering in attestation options? (#1688) from Tim Cappalli via GitHub on 2025-07-07 (public-webauthn@w3.org from July 2025)

From: Tim Cappalli via GitHub <noreply@w3.org>
Date: Mon, 07 Jul 2025 18:15:04 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-3046120531-1751912102-noreply@w3.org>

Yes understood. However, WebAuthn and passkeys largely follow the "bring your own key" architecture. 

If you have specialized requirements for that key (ex: workforce scenarios), you should provide and configure the required authenticator for the user out of band. 

-- 
GitHub Notification of comment by timcappalli
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1688#issuecomment-3046120531 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Monday, 7 July 2025 18:15:05 UTC